OCIS with Authentik

I’m trying to get ownCloud running with Authentik.
After setting up everything I can’t log in. I think I’m missing some env variables, but idk which one.

Steps to reproduce

  1. init owncloud
  2. start owncloud server

```
podman run -d \
--name owncloud \
--pod ocis \
-e TZ=Europe/Rome \
-e PUID=1000 \
-e PGID=1000 \
--restart unless-stopped \
--label "io.containers.autoupdate=image" \
-e OCIS_URL=https://ocis.mydomain.it \
-e GATEWAY_GRPC_ADDR=0.0.0.0:9142 \
-e OCIS_LOG_LEVEL=error \
-e OCIS_LOG_COLOR=true \
-e PROXY_TLS=false \
-e OCIS_INSECURE=false \
-e PROXY_HTTP_ADDR=0.0.0.0:9200 \
-e IDM_CREATE_DEMO_USERS=false \
-e PROXY_ENABLE_BASIC_AUTH=false \
-e OCIS_OIDC_ISSUER=https://auth.mydomain.it/application/o/ocis-web/ \
-e PROXY_AUTOPROVISION_ACCOUNTS=true \
-e PROXY_ROLE_ASSIGNMENT_DRIVER=oidc \
-e PROXY_OIDC_REWRITE_WELLKNOWN=true \
-e OCIS_OIDC_CLIENT_ID="[ClientID created from Authentik]" \
--secret OCIS_ADMIN_PASSWORD,type=env,target=IDM_ADMIN_PASSWORD \
-v /home/user/container/ocis/config:/etc/ocis:z \
-v /home/user/container/ocis/data:/var/lib/ocis:z \
-p 9210:9200 \
--network ocis_net \
docker.io/owncloud/ocis:latest
```

  3. login

Expected behaviour

Get logged in correctly

Actual behaviour

Not logged in

Logs

```
{"level":"error","service":"proxy","request-id":"e5b775a7-58d8-4ca2-8e5b-d9924ce3186e","userid":"5ed9dade-f0c9-4c67-a26d-a05cac93aa2e","error":"no roles in user claims","time":"2023-12-12T10:47:15Z","message":"Error mapping role names to role ids"}
{"level":"error","service":"proxy","error":"no roles in user claims","time":"2023-12-12T10:47:15Z","message":"Could not get user roles"}
```

This should help you: Proxy Service Configuration

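The proxy log above reports "no roles in user claims" while `PROXY_ROLE_ASSIGNMENT_DRIVER=oidc` is set. The following is an added example, not code from this thread or from oCIS, that decodes a token payload for inspection and checks whether a role claim is present and maps to a role. The claim name `roles`, the mapping values and the sample tokens are assumptions or constructed; confirm the real names in the Proxy Service Configuration documentation for your version.

```python
import base64
import json

# Assumptions to check against the Proxy Service Configuration docs for your
# oCIS version: the claim name and the claim values that map to oCIS roles.
ROLE_CLAIM = "roles"
ROLE_MAPPING = {"ocisAdmin": "admin", "ocisSpaceAdmin": "spaceadmin",
                "ocisUser": "user", "ocisGuest": "guest"}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_sample_token(claims: dict) -> str:
    """Build a constructed, unsigned JWT-shaped string for the demo."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}.constructed"


def jwt_claims(token: str) -> dict:
    """Decode the payload WITHOUT verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def check_role_claim(claims, claim=ROLE_CLAIM, mapping=ROLE_MAPPING):
    """Return (status, matched_roles) for the role claim in `claims`."""
    if claim not in claims:
        return "missing", []      # no role claim present at all
    value = claims[claim]
    values = [value] if isinstance(value, str) else value
    if not isinstance(values, list) or not values:
        return "empty", []
    matched = [mapping[v] for v in values if isinstance(v, str) and v in mapping]
    return ("ok", matched) if matched else ("unmapped", [])


if __name__ == "__main__":
    # Constructed sample claims: one without roles, one with a mapped role.
    samples = [{"sub": "u1", "email": "u1@example.test"},
               {"sub": "u2", "roles": ["ocisAdmin"]}]
    for c in samples:
        print(check_role_claim(jwt_claims(make_sample_token(c))))
```

A `missing` or `unmapped` result for a token issued by your identity provider points at the provider's claim or scope mapping rather than at the oCIS container itself.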